The stimulus bill included $20 billion to promote adoption of EMR. Adopting EMR promises increased efficiency, lower costs and a reduction of preventable errors. This summer, the Secretary of Health and Human Services will define standards for EMR. Among these standards, I'm pretty sure we're going to see some strong authentication and encryption requirements. (We've been doing this for years, so we're prepared!) The question is, will tougher privacy and security records stunt the efficiency and adoption of EMR?
According to new research co-authored by Amalia Miller, University of Virginia economics assistant professor, Yes.
Ratcheting up the privacy and security of medical records means slower adoption of electronic medical records. "Reducing adoption by more than 24 percent - that's a pretty big effect," Miller said. "It's important to know those costs and have that be part of the policy decision-making process. To decide how much privacy is optimal, we need to quantify the costs and benefits, and those haven't been well quantified.I personally think its wonderful to have more stringent requirements when it comes to privacy. However, Professor Miller is absolutely correct, we must quantify the costs and benefits of any new requirements.
The issue is, what's more important, speeding up EMR adoption or protecting the actual records? Slowing EMR has substantial costs to our healthcare institution. "How long can we wait?" is the question everyone is probably asking. We have just as much of a public policy concern with slow EMR adoption (since our healthcare insurance costs are so high) as we have with protecting those EMR records.
As long as policy makers are being reasonable in their policy making, I don't see why anyone would really complain about stringent requirements! Why? Because if the requirement is practical, competent IT companies will be able to implement the proper solution. In fact, I highly believe IT companies should ALREADY be taking safety precautions when designing an IT infrastructure. I'm waiting for the first string of these requirements to come forth. I'll keep you posted.
(I won't brag about our credentials in this blog post... maybe next time!)
No comments:
Post a Comment